A mechanism for checking the confidentiality of LBS in a Wideband Code Division Multiple Access (WCDMA) network has been stipulated in the 3rd Generation Partnership Project (3GPP) technical specifications 3GPP TS 22.071 and 3GPP TS 23.271. The modules associated with privacy checking include:
(1) Privacy Profile Register (PPR)
The major function of the PPR is to implement privacy checking. Its address is saved in the Home Location Register (HLR) or Home Subscriber Server (HSS). The Home Mobile Location Centre (H-GMLC) can access the PPR through the Lpp interface. The PPR can be either an independent entity or integrated in the H-GMLC. The PPR stores the subscription information on a subscriber's privacy. No LBS client is enabled by default. The privacy properties include:
Codeword: a level which is adopted by a target UE to determine which requestors are permitted to request the UE's location information. There is no specific definition in 3GPP. It is configured by operators according to the conditions of their own LBS;
Privacy exception list: determining which LBS clients, which services and which types of LBS clients can locate a certain UE;
Privacy on service type: determining which types of services permit an LBS client to obtain the location of the target UE;
Beyond privacy indicator: determining the applicability of the privacy exception list.
A requestor should provide the target UE's codeword when requesting the UE's location information. The codeword can be provided by the requestor and forwarded by the LBS Client to the target UE for checking. Alternatively, the codeword can be registered in the LBS Client by the target UE or the subscriber in advance and checked in the LBS server. The generation and distribution of a codeword are not stipulated in the 3GPP specifications. In addition to the basic functions of the codeword mentioned above, an enhanced codeword specifies a time period during which, and a number of times for which, the codeword can be used.
(2) Pseudonym Mediation Device (PMD)
The PMD maps or decrypts a pseudonym into a true identifier of the UE, such as an International Mobile Subscriber Identifier (IMSI) or Mobile Station Integrated Service Digital Network (MSISDN) number. The PMD can be either an independent piece of equipment or integrated in the PPR, the Gateway Mobile Location Center (GMLC) or other equipment in the network. Details on the functions of the PMD are not specified in 3GPP.
In 3GPP, the flow of authorization checking is illustrated in FIG. 1, and its steps are:
101 The GMLC sends to the PPR a location based service authorization request message, which contains the following parameters:
Target UE identifier (ID) including either MSISDN or IMSI or both, optional;
LBS client ID;
LBS client type, such as value-added service, emergency service, legal listening;
Service type, optional;
Codeword, optional;
Location type, such as “current location”, “current or latest known location”, “initial location”;
and so on;
If PMD is integrated in PPR, the UE ID included in the message uses the UE's pseudonym instead of the true UE ID;
102 If the location based service authorization request message contains the target UE's pseudonym, the PPR will enable the PMD function to determine the target UE's true UE ID, such as IMSI or MSISDN. Based on the privacy information in the target UE's subscription, the PPR performs privacy checking, and the checking result is returned to the GMLC as a location based service authorization response message. If the location request is prohibited, the location based service authorization response message contains only a location request prohibition indicator. Otherwise, it contains the following permission indicators:
The location request is not permitted;
The location request is permitted without the UE being informed;
The location request is permitted with the UE being informed;
The location request needs to be informed to the UE and verified by the UE, and the location request can be authorized only if it passes the verification or there is no response to the notification;
The location request needs to be informed to the UE and verified by the UE, and the location request can be authorized only if it passes the verification.
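The check in steps 101 and 102 can be sketched as follows. This is an added example, not code from the patent or from 3GPP: the record layout, the PMD lookup table, the codeword fields and all sample values are assumptions, since the text notes that 3GPP leaves these details to operators.

```python
import hmac
from dataclasses import dataclass, field
from enum import Enum
from typing import Optional

class Indicator(Enum):  # the permission indicators listed in step 102
    NOT_PERMITTED = 0
    PERMITTED_NO_NOTIFY = 1
    PERMITTED_NOTIFY = 2
    VERIFY_OR_NO_RESPONSE = 3  # authorized if verified or the UE does not respond
    VERIFY_REQUIRED = 4        # authorized only if verified

@dataclass
class Codeword:  # "enhanced" codeword: validity period plus remaining uses
    value: str
    not_before: int
    not_after: int
    uses_left: int

@dataclass
class Profile:  # hypothetical PPR subscription record
    exceptions: dict = field(default_factory=dict)  # (client ID, service type) -> Indicator
    codeword: Optional[Codeword] = None

# Constructed sample data: one pseudonym mapping and one subscriber profile.
PMD = {"pseu-7f3a": "imsi-001"}
PPR = {"imsi-001": Profile({("client-A", "fleet"): Indicator.PERMITTED_NOTIFY},
                           Codeword("s3cret", 1000, 2000, 1))}

def authorize(ue_id, client_id, service_type=None, codeword=None, now=0):
    """Resolve a pseudonym, run the privacy check, return a permission indicator."""
    ue_id = PMD.get(ue_id, ue_id)  # PMD function: pseudonym -> true UE ID
    profile = PPR.get(ue_id)
    if profile is None:
        return Indicator.NOT_PERMITTED
    cw = profile.codeword
    if cw is not None:
        valid = (codeword is not None
                 and hmac.compare_digest(codeword.encode(), cw.value.encode())
                 and cw.not_before <= now <= cw.not_after
                 and cw.uses_left > 0)
        if not valid:
            return Indicator.NOT_PERMITTED
    # No LBS client is enabled by default: anything not listed is refused.
    result = profile.exceptions.get((client_id, service_type), Indicator.NOT_PERMITTED)
    if cw is not None and result is not Indicator.NOT_PERMITTED:
        cw.uses_left -= 1  # consume one use only when the request is granted
    return result
```

The codeword comparison is constant-time, and a refused request does not consume one of the codeword's permitted uses.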
The mobile Wimax (Institute of Electrical and Electronics Engineers (IEEE) 802.16e, USA) technology is based on fixed Wimax. Therefore, support for location based service is not yet considered in the existing mobile Wimax standard. The location based service, namely LBS, is nevertheless a significant service in a mobile communication network. Thus, the network group of the Wimax Forum (NWG) has specified the requirements on LBS in the Wimax network architecture version 1.5, which is being established, and an LBS group under NWG is devoted to establishing specifications on Wimax network LBS. So far, delegates from corporations such as Huawei and Intel have proposed the architecture and basic protocol flow for Wimax network LBS, but no sound solution has been set forth by any delegate regarding authentication and authorization of Wimax network LBS.
In addition, as mentioned previously, 3GPP has stipulated a method for privacy checking. It is obvious, however, that the method cannot be directly applied in Wimax network. The reasons are as follows.
(1) The overall network architecture of 3GPP is completely different from that of Wimax.
In 3GPP, network entities generally include UE, base station (Node B), radio network controller (RNC), mobile switching center (MSC) or mobile switching server (MSC Server) and media gateway (MGW), general packet radio service (GPRS) support node (SGSN), gateway GPRS support node (GGSN), and home location register (HLR). On the other hand, network entities in Wimax include mobile station (MS), base station (BS), access service network gateway (ASN GW), authentication/authorization/accounting (AAA) module, policy function module (PF), home agent (HA) and foreign agent (FA). Wimax is thus a brand-new network architecture that is totally different from 3GPP.
(2) Privacy checking mechanism for LBS in 3GPP is difficult to understand and poor in practicability.
The privacy checking mechanism in 3GPP, including the PPR and PMD modules, the codeword, etc., is difficult to understand, which does not comply with the original intention of the Wimax network to be easy to understand and practical in application.
(3) Privacy checking mechanism for LBS in 3GPP is complex.
The privacy checking mechanism for LBS in 3GPP takes into account nearly all kinds of issues, such as setting two separate entities, PPR and PMD, to implement privacy checking, using pseudonyms and the like. Such all-round consideration is naturally accompanied by the problem of complexity. This does not comply with the Wimax network principle of being simple and practical, either.
(4) Operators have to deal with too many gaps left in the privacy checking mechanism for LBS in 3GPP.
If an operator intends to utilize LBS privacy checking, it has to devise many mechanisms by itself on the basis of the relevant specifications in 3GPP. Operators need to design, for example, how to use the codeword, how to generate and distribute the codeword, how to check it, etc., which are the most critical mechanisms. Moreover, although pseudonyms can be applied according to 3GPP, the functions associated with the PMD need to be defined by operators themselves. On the other hand, any operator generally expects to deploy a service as quickly as possible. This requires a set of mature standards rather than spending plenty of extra time and effort in perfecting and complementing the existing specifications.